Security
Headlines
HeadlinesLatestCVEs

Tag

#git

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. "The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure," NVISO researchers Bart Parys, Stef

The Hacker News
Open in Source
#web#ios#google#js#git#java#intel#backdoor#bitbucket#The Hacker News
Chinese State Hackers Jailbroke Claude AI Code for Automated Breaches

Anthropic, the developer behind Claude AI, says a Chinese state sponsored group used its model to automate most of a cyber espionage operation against about 30 companies with Claude handling up to 90% of the technical work.

Chinese Tech Firm Leak Reportedly Exposes State Linked Hacking

A massive data leak reportedly at Chinese firm Knownsec (Chuangyu) exposed 12,000 files detailing state-backed 'cyber weapons' and spying on over 20 countries. See the details, including 95GB of stolen Indian immigration data.

Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets

The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign. The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA). "The

GHSA-mqp8-pgg5-7x7m: Mattermost allows system administrators to access password hashes and MFA secrets

Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12.x <= 10.12.0 fail to sanitize user data which allows system administrators to access password hashes and MFA secrets via the POST /api/v4/users/{user_id}/email/verify/member endpoint

Your passport, now on your iPhone. Helpful or risky?

Apple's Digital ID makes travel smoother and saves you from digging for documents, but it comes with privacy and security trade-offs. We break down the pros and cons.

GHSA-j6gg-r5jc-47cm: Mattermost fails to properly restrict access to archived channel search API

Mattermost versions < 11 fail to properly restrict access to archived channel search API which allows guest users to discover archived public channels via the `/api/v4/teams/{team_id}/channels/search_archived` endpoint

GHSA-xpg8-8xpv-948p: Mattermost does not enforce MFA on WebSocket connections

Mattermost versions < 11 fail to enforce multi-factor authentication on WebSocket connections which allows unauthenticated users to access sensitive information via WebSocket events.

GHSA-ff85-qw3h-g9vp: Mattermost allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL

Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11, 10.12.x <= 10.12.0 fail to validate the relationship between the post being updated and the MSTeams plugin OAuth flow which allows an attacker to edit arbitrary posts via a crafted MSTeams plugin OAuth redirect URL.

GHSA-x3hx-ch7p-8xgg: Mattermost allows regular users to access archived channel content and files

Mattermost versions < 11.0 fail to properly enforce the "Allow users to view archived channels" setting which allows regular users to access archived channel content and files via the "Open in Channel" functionality from followed threads